Ubuntu Manpage: URILocalBL - blocklist URIs using local information (ISP names, address lists, and country codes)

NAME

       URILocalBL - blocklist URIs using local information (ISP names, address lists, and country codes)

SYNOPSIS

       This plugin creates some new rule test types, such as "uri_block_cc", "uri_block_cidr", and
       "uri_block_isp".  These rules apply to the URIs found in the HTML portion of a message, i.e. <a href=...>
       markup.

         loadplugin    Mail::SpamAssassin::Plugin::URILocalBL

       Why local blocklisting? There are a few excellent, effective, and well-maintained DNSBL's out there. But
       they have several drawbacks:

       • blocklists can cover tens of thousands of entries, and you can't select which ones you use;

       • verifying that it's correctly configured can be non-trivial;

       • new blocklisting entries may take a while to be detected and entered, so it's not instantaneous.

       Sometimes  all  you  want  is  a  quick,  easy,  and very surgical blocklisting of a particular site or a
       particular ISP. This plugin is defined for that exact usage case.

RULE DEFINITIONS AND PRIVILEGED SETTINGS

       The format for defining a rule is as follows:

         uri_block_cc SYMBOLIC_TEST_NAME cc1 cc2 cc3 cc4 ..
         uri_block_cc SYMBOLIC_TEST_NAME !cc1 !cc2 ..

       or:

         uri_block_cont SYMBOLIC_TEST_NAME co1 co2 co3 co4 ..
         uri_block_cont SYMBOLIC_TEST_NAME !co1 !co2 ..

       or:

         uri_block_cidr SYMBOLIC_TEST_NAME a.a.a.a b.b.b.b/cc

       or:

         uri_block_isp SYMBOLIC_TEST_NAME "Data Rancid" McCarrier Phishers-r-Us

       Example rule for matching a URI in China:

         uri_block_cc TEST1 cn

       If you specify list of negations, such rule will match ANY  country  except  the  listed  ones  (Finland,
       Sweden):

         uri_block_cc TEST1 !fi !se

       Continents uri_block_cont works exactly the same as uri_block_cc.

       This would block the URL http://www.baidu.com/index.htm.  Similarly, to match a Spam-haven netblock:

         uri_block_cidr TEST2 65.181.64.0/18

       would match a netblock where several phishing sites were recently hosted.

       And to block all CIDR blocks registered to an ISP, one might use:

         uri_block_isp TEST3 "Data Rancid" ColoCrossing

       Quote ISP names containing spaces.

       Lastly,  if there's a country that you want to block but there's an explicit host you wish to exempt from
       that blocklist, you can use:

         uri_block_exclude TEST1 www.baidu.com

       if you wish to exempt URL's referring to this host. The same syntax is applicable to CIDR and ISP  blocks
       as well.

DEPENDENCIES

       The   Country-Code   based   filtering  can  use  any  Mail::SpamAssassin::GeoDB  supported  module  like
       MaxMind::DB::Reader (GeoIP2) or Geo::IP.  ISP based filtering might require a paid subscription  database
       like GeoIPISP.

perl v5.40.1                                       2025-06-26             Mail::SpamAssas...gin::URILocalBL(3pm)